Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Remote Desktop Access VuuPC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
paragan
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 09 lis 2007 00:12

Remote Desktop Access VuuPC

#1 Příspěvek od paragan »

Potreboval by som poradiť dostal sa mi na počítač takýto zázrak "Remote Desktop Access VuuPC"
prescanoval som počítač AVG-čkom ten niečo polikvidoval
problém je v tom, že keď spusím firefox odkazuje na nejaký file:///C:/ProgramData/dlohn/snp.sc -adresár som vymazal ale aj keď som nastavil aby pri spúšťaní zobrazoval ako domovskú stránku google stále tam občas dáva file:///C:/ProgramData/dlohn/snp.sc - keďže je vymazaný píše súbor sa nenašiel

v chrome zase odkazuje na nejaký
Prikladám log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Marian (administrator) on PC (07-02-2016 21:41:08)
Running from C:\Users\Marian\Desktop
Loaded Profiles: Marian (Available Profiles: Marian)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) G:\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Marian\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3874216 2016-01-08] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\iSkysoft\iTube Studio\BrowserPlugInHelper.exe [401920 2013-07-15] (Wondershare Software)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-05-20] ()
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\MountPoints2: {0830b90c-1ec0-11e2-bd1b-6c626d59d49e} - I:\AUTORUN.EXE
AppInit_DLLs: C:\ProgramData\dlohn\Dentosing.dll => No File
AppInit_DLLs-x32: C:\ProgramData\dlohn\SubTone.dll => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-18]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-07-08]
ShortcutTarget: EvernoteClipper.lnk -> G:\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2015-12-25]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-09-19]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0AA06110-B427-4B45-961F-30F41C1FE078}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuMh5_pHWLaK2UZ_QIRfNyiozGeM_oh_feQZgt34EU0A9m3AYElL5NpHkHQsW86a6baqQxmHHIwHXTzmxNelXgRo-Bds1s2yrouZAM1dBFrDlCWFla8kMRT06btQWCm7TxRC1Gep_GogW0t2oVQYlsq02uJyBdR&q={searchTerms}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuMh5_pHWLaK2UZ_QIRfNyiozGeM_oh_feQZgt34EU0A9m3AYElL5NpHkHQsW86a6baqQxmHHIwHXTzmxNelXgRo-Bds1s2yrouZAM1dBFrDlCWFla8kMRT06btQWCm7TxRC1Gep_GogW0t2oVQYlsq02uJyBdR&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1321244427-3972337821-2775802884-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuMh5_pHWLaK2UZ_QIRfNyiozGeM_oh_feQZgt34EU0A9m3AYElL5NpHkHQsW86a6baqQxmHHIwHXTzmxNelXgRo-Bds1s2yrouZAM1dBFrDlCWFla8kMRT06btQWCm7TxRC1Gep_GogW0t2oVQYlsq02uJyBdR&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1321244427-3972337821-2775802884-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuMh5_pHWLaK2UZ_QIRfNyiozGeM_oh_feQZgt34EU0A9m3AYElL5NpHkHQsW86a6baqQxmHHIwHXTzmxNelXgRo-Bds1s2yrouZAM1dBFrDlCWFla8kMRT06btQWCm7TxRC1Gep_GogW0t2oVQYlsq02uJyBdR&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> G:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> G:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> G:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: iSkysoft iTube Studio -> {0F789748-F853-4734-A187-A096F05306E5} -> C:\Program Files (x86)\iSkysoft\iTube Studio\SVRIEPlugin.dll [2013-07-15] (iSkysoft Software Co., Ltd.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-03] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> G:\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-03] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - G:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default
FF NewTab: C:\\ProgramData\\dlohn\\ff.NT
FF Homepage: hxxps://www.google.sk/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> G:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2013-01-15] (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-05-20] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.2\npGoogleUpdate3.dll [2016-01-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.2\npGoogleUpdate3.dll [2016-01-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1321244427-3972337821-2775802884-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1321244427-3972337821-2775802884-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-05-20] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2013-07-30]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2016-02-06]
FF Extension: FirefixTab - C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default\Extensions\deskCutv2@gmail.com [2016-02-03] [not signed]
FF Extension: Block site - C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-05-29]
FF Extension: Evernote Web Clipper - C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-11-24]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => not found
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [{7F737E3E-993D-43AB-9109-90C4E82752CC}] - C:\Program Files (x86)\iSkysoft\iTube Studio\SVRFirefoxExt
FF Extension: iSkysoft iTube Studio - C:\Program Files (x86)\iSkysoft\iTube Studio\SVRFirefoxExt [2013-07-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default\extensions\deskCutv2@gmail.com
FF HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Firefox\Extensions: [{7F737E3E-993D-43AB-9109-90C4E82752CC}] - C:\Program Files (x86)\iSkysoft\iTube Studio\SVRFirefoxExt
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-04-10] <==== ATTENTION

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR Profile: C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (iSkysoft iTube Studio) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\afapmikcgbhfkecdhiokcgledjcpfbfd [2013-07-23]
CHR Extension: (Dokumenty Google) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Disk Google) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (YouTube) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (GFACE Experience Plugin) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol [2014-01-18]
CHR Extension: (Wiki Search.me) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip [2016-02-07]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2016-02-07]
CHR Extension: (Vimeo™ Download Videos) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\geeljcibkkackafmeepgadbfgmpjmdeg [2013-11-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-23]
CHR Extension: (Beyondpad) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjilocmjkhfhcoelokiomommpihnpep [2015-08-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Battlefield Play4Free) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-07-13]
CHR Extension: (Gmail) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR HKLM\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Marian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-11-09]
CHR HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [afapmikcgbhfkecdhiokcgledjcpfbfd] - C:\Program Files (x86)\iSkysoft\iTube Studio\SVRChromePlugin.crx [2013-07-23]
CHR HKLM-x32\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [niogeckbkdcabhnapjbkeiklablhjoca] - C:\Program Files (x86)\Perion\ChromeInfoBar\ChromeInfoBar.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [627544 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3906568 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [583936 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2772720 2016-01-17] (Microsoft Corporation)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-09-11] (Ellora Assets Corp.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-10] ()
R2 vToolbarUpdater15.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-07-30] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [258480 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-07-30] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-26] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S1 aimfpslb; \??\C:\Windows\system32\drivers\aimfpslb.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 gblftahg; \??\C:\Windows\system32\drivers\gblftahg.sys [X]
S1 ivquwfrm; \??\C:\Windows\system32\drivers\ivquwfrm.sys [X]
S1 kewhvity; \??\C:\Windows\system32\drivers\kewhvity.sys [X]
S3 MSICDSetup; \??\H:\CDriver64.sys [X]
U4 secdrv; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-07 21:41 - 2016-02-07 21:41 - 00025806 _____ C:\Users\Marian\Desktop\FRST.txt
2016-02-07 21:37 - 2016-02-07 21:37 - 00112640 _____ (forum.viry.cz) C:\Users\Marian\Desktop\FRSTLauncher.exe
2016-02-07 21:35 - 2016-02-07 21:41 - 00000000 ____D C:\FRST
2016-02-07 21:31 - 2016-02-07 21:31 - 02370560 _____ (Farbar) C:\Users\Marian\Desktop\FRST64.exe
2016-02-07 21:15 - 2016-02-07 21:17 - 00000000 ____D C:\AdwCleaner
2016-02-07 21:15 - 2016-02-07 21:15 - 01508352 _____ C:\Users\Marian\Downloads\adwcleaner_5.033.exe
2016-02-06 21:59 - 2016-02-06 21:59 - 00035058 _____ C:\Users\Marian\Downloads\marco-polo-(2014)---01x09---prisoners.2hd.srt
2016-02-05 22:19 - 2016-02-05 22:19 - 00016619 _____ C:\Users\Marian\Downloads\[CzT]Sama_noci_tmou_A_Girl_Walks_Home_Alone_at_Night_2014_PER_WebRip_720pLQ_.torrent
2016-02-04 22:14 - 2016-02-04 22:17 - 56684452 _____ C:\Users\Marian\Downloads\Brejk_6_2013.pdf
2016-02-04 22:08 - 2016-02-04 22:12 - 59225402 _____ C:\Users\Marian\Downloads\Brejk_1_2013.pdf
2016-02-04 21:43 - 2016-02-04 21:44 - 16284311 _____ C:\Users\Marian\Downloads\brejk_18.rar
2016-02-04 20:33 - 2016-02-04 21:34 - 00000000 ____D C:\Users\Marian\Downloads\TitulkyPosun
2016-02-04 20:33 - 2016-02-04 20:33 - 00198835 _____ C:\Users\Marian\Downloads\TitulkyPosun.rar
2016-02-03 18:34 - 2016-02-03 18:34 - 00036788 _____ C:\Users\Marian\Documents\cc_20160203_183429.reg
2016-02-03 17:50 - 2016-02-03 17:50 - 00000000 ____D C:\Program Files (x86)\RayDld
2016-02-03 17:49 - 2016-02-03 17:50 - 00000000 ____D C:\Users\Marian\AppData\Roaming\mysites123
2016-02-03 13:42 - 2016-02-04 18:26 - 00000000 ____D C:\Users\Marian\AppData\Local\00000000-1454506926-0000-0000-6C626D59D49E
2016-02-03 13:41 - 2016-02-06 20:54 - 00000000 ____D C:\Program Files\REACHit
2016-02-03 13:41 - 2016-02-03 13:41 - 00041472 _____ C:\Users\Marian\AppData\Local\Techitrax.dat
2016-02-03 13:41 - 2016-02-03 13:41 - 00041472 _____ C:\Users\Marian\AppData\Local\Scot-lax.dat
2016-02-03 13:41 - 2016-02-03 13:41 - 00000187 _____ C:\Users\Marian\AppData\Local\Techitrax.exe.config
2016-02-03 13:41 - 2016-02-03 13:41 - 00000187 _____ C:\Users\Marian\AppData\Local\Scot-lax.exe.config
2016-02-03 13:41 - 2016-02-03 13:39 - 00001003 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-02-03 13:40 - 2016-02-05 21:51 - 00000000 ____D C:\Program Files (x86)\00000000-1454503245-0000-0000-6C626D59D49E
2016-02-03 13:40 - 2016-02-03 13:40 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2016-02-03 13:37 - 2016-02-03 14:23 - 00000000 ____D C:\Program Files (x86)\KMSPico
2016-02-03 12:58 - 2016-02-04 23:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-02-03 12:57 - 2016-02-03 12:57 - 00000000 ____D C:\Windows\PCHEALTH
2016-02-03 12:57 - 2016-02-03 12:57 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-02-03 12:57 - 2016-02-03 12:57 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-02-03 12:54 - 2016-02-03 12:54 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-02-03 12:54 - 2016-02-03 12:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-03 12:54 - 2016-02-03 12:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-02-01 23:22 - 2016-02-01 23:22 - 00000000 ____D C:\Users\Marian\Downloads\Nový priečinok
2016-02-01 18:18 - 2016-02-01 18:18 - 00000000 ____D C:\Users\Marian\Documents\risk
2016-01-31 13:28 - 2016-02-04 00:30 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok
2016-01-31 12:20 - 2016-01-31 12:20 - 00000000 _____ C:\Users\Marian\Desktop\ako sa pripravit na lod fight.txt
2016-01-28 21:55 - 2016-01-28 21:55 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-26 11:04 - 2016-01-26 11:04 - 00000000 _____ C:\Users\Marian\Desktop\darkes dungeon.txt
2016-01-26 09:31 - 2016-01-26 10:29 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (5)
2016-01-25 23:52 - 2016-01-26 00:31 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (4)
2016-01-21 22:50 - 2016-01-21 22:51 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (3)
2016-01-21 17:12 - 2016-01-21 20:50 - 00066674 _____ C:\Users\Marian\Desktop\UDP.odt
2016-01-21 17:12 - 2016-01-21 17:12 - 00000000 ____D C:\Users\Public\Documents\sun
2016-01-21 17:07 - 2016-01-21 17:07 - 00001554 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2016-01-21 17:07 - 2016-01-21 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2016-01-21 17:07 - 2016-01-21 17:07 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-01-20 22:01 - 2016-01-29 20:15 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (2)
2016-01-20 10:18 - 2016-01-20 10:18 - 00000000 _____ C:\Users\Marian\Desktop\transhumanism.txt
2016-01-19 13:27 - 2016-01-20 10:04 - 00060405 _____ C:\Users\Marian\Desktop\int.odt
2016-01-12 22:33 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-12 22:33 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-12 22:33 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-12 22:33 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-12 22:33 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-12 22:33 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-12 22:31 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-12 22:31 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-12 22:31 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-12 22:31 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-12 22:31 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-12 22:31 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-12 22:31 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-12 22:31 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-12 22:31 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-12 22:31 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-12 22:31 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-12 22:31 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-12 22:31 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-12 22:31 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-12 22:31 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-12 22:31 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-12 22:31 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-12 22:31 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-12 22:31 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-12 22:31 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-12 22:31 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-12 22:31 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-12 22:31 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-12 22:31 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-12 22:31 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-12 22:31 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-12 22:31 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-12 22:31 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-12 22:31 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-12 22:31 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-12 22:31 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-12 22:31 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-12 22:31 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-12 22:31 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-12 22:31 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-12 22:31 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-12 22:31 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-12 22:31 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-12 22:31 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-12 22:31 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-12 22:31 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-12 22:31 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-12 22:31 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-12 22:31 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-12 22:31 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-12 22:31 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-12 22:31 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-12 22:31 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-12 22:31 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-12 22:31 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-12 22:31 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-12 22:31 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-12 22:31 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-12 22:31 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-12 22:31 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-12 22:31 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-12 22:31 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-12 22:31 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-12 22:31 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-12 22:31 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-12 22:31 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-12 22:31 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-12 22:31 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-12 22:31 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-12 22:31 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-12 22:31 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-12 22:31 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-12 22:31 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-12 22:31 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-12 22:31 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-12 22:31 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-12 22:31 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-12 22:31 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-12 22:31 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-12 22:31 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-12 22:31 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-12 22:31 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-12 22:31 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 22:31 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-12 22:31 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-12 22:31 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-12 22:31 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-12 22:31 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 22:31 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-12 22:31 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-12 22:31 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-12 22:31 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-12 22:31 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-12 22:31 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-12 22:31 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-12 22:31 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-12 22:31 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-12 22:31 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-12 22:31 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-12 22:31 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-12 22:31 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-12 22:31 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-12 22:31 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-12 22:31 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-12 22:31 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-12 22:31 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-12 22:29 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-12 22:29 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-12 22:29 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-12 22:29 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-12 22:29 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-12 22:29 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-12 22:29 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-12 22:29 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-12 22:29 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-12 22:29 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-12 22:29 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-12 22:29 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-12 22:29 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-12 22:29 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-12 22:29 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-12 22:29 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-12 22:29 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-12 22:29 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-12 22:29 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-12 22:29 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-12 22:29 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-12 22:29 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-12 22:29 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-12 22:29 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-12 22:29 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-12 22:29 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-12 22:29 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-12 22:29 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-12 22:29 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-12 22:29 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-12 22:29 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-12 22:29 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-12 22:29 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-12 22:29 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-12 22:29 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-12 22:29 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-12 22:29 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-12 22:29 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-12 22:29 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-12 22:29 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-12 22:29 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-12 22:29 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-12 22:29 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-12 22:29 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-12 22:29 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-12 22:29 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-12 22:29 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-12 22:29 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-12 22:29 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-12 22:29 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-12 22:29 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-12 22:29 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-12 22:29 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-12 22:29 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-12 22:29 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-12 22:29 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-12 22:29 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-12 22:29 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-12 22:29 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-12 22:29 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-12 22:29 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-12 22:29 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-12 22:29 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-12 22:29 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-12 22:29 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-12 22:29 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-12 22:29 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-12 22:29 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-12 22:29 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-12 22:29 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-12 22:29 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-12 22:29 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-12 22:29 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-07 21:27 - 2012-11-10 00:25 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-07 21:14 - 2009-07-14 05:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-07 21:14 - 2009-07-14 05:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-07 21:13 - 2013-05-20 20:52 - 00000000 ____D C:\Users\Marian\AppData\Local\PMB Files
2016-02-07 21:10 - 2012-10-17 19:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-07 20:44 - 2012-11-10 00:27 - 00000000 ___RD C:\Users\Marian\Disk Google
2016-02-07 20:42 - 2013-05-31 21:09 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2016-02-07 20:42 - 2012-11-10 00:25 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-07 20:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-07 16:49 - 2012-10-17 19:51 - 00000000 ____D C:\ProgramData\MFAData
2016-02-06 23:56 - 2012-10-17 20:45 - 00000000 ____D C:\Users\Marian\AppData\Roaming\vlc
2016-02-06 21:41 - 2013-06-21 10:43 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-06 20:56 - 2013-06-22 09:34 - 00002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-06 20:56 - 2013-06-22 09:34 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-06 20:56 - 2013-06-21 10:43 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-06 20:56 - 2012-10-15 16:26 - 00001441 _____ C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-04 23:20 - 2009-07-14 03:34 - 00000489 _____ C:\Windows\win.ini
2016-02-04 22:40 - 2014-09-03 19:41 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Azureus
2016-02-04 03:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-04 03:08 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-02-03 17:10 - 2009-07-14 05:45 - 00507104 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-03 14:37 - 2012-10-26 19:27 - 00000000 ____D C:\Users\Marian\AppData\Roaming\DAEMON Tools Lite
2016-02-03 14:13 - 2015-11-17 10:45 - 00000000 ____D C:\Users\Marian\AppData\Local\Avg
2016-02-03 13:57 - 2012-10-15 17:15 - 00129536 _____ C:\Users\Marian\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-03 13:52 - 2014-02-26 17:09 - 00000000 ____D C:\ProgramData\Oracle
2016-02-03 13:50 - 2015-11-14 16:23 - 00000000 ____D C:\Users\Marian\.oracle_jre_usage
2016-02-03 13:50 - 2014-10-18 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-03 13:50 - 2012-11-09 23:58 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-03 13:49 - 2014-10-18 07:59 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-03 12:58 - 2011-04-12 14:41 - 00000000 ____D C:\Windows\ShellNew
2016-02-03 12:57 - 2015-03-02 22:26 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-03 12:55 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-02 23:58 - 2015-03-02 22:23 - 00000000 ____D C:\Program Files\Microsoft Office
2016-02-01 18:24 - 2009-07-14 06:13 - 00795754 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-31 14:33 - 2013-06-05 20:19 - 00000000 ____D C:\Users\Marian\Documents\Knižnica Calibre
2016-01-31 10:29 - 2013-03-17 23:13 - 00001250 _____ C:\Users\Marian\Desktop\4K Video Downloader.lnk
2016-01-31 10:29 - 2013-03-17 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-01-30 22:22 - 2012-11-10 00:25 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-30 22:22 - 2012-11-10 00:25 - 00003680 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-30 17:23 - 2014-11-08 16:30 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-01-30 17:23 - 2014-11-08 16:30 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-01-30 17:23 - 2014-11-08 16:30 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-01-30 17:23 - 2014-11-08 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-21 00:25 - 2015-11-04 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-01-19 22:10 - 2012-10-17 19:42 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-19 22:10 - 2012-10-17 19:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-19 22:10 - 2012-10-17 19:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-17 22:08 - 2014-09-03 19:41 - 00000000 ____D C:\Program Files (x86)\Vuze
2016-01-15 10:53 - 2014-12-26 09:43 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 10:52 - 2015-08-28 19:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-13 07:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-13 07:03 - 2014-12-10 11:53 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-13 07:03 - 2014-05-07 02:02 - 00000000 ___SD C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2013-05-21 15:30 - 2013-07-30 19:38 - 0003715 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-01-06 21:05 - 2014-01-06 21:05 - 0005632 _____ () C:\Users\Marian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-29 19:45 - 2012-12-29 19:45 - 0000094 _____ () C:\Users\Marian\AppData\Local\fusioncache.dat
2015-11-21 22:21 - 2015-11-21 22:21 - 0000758 _____ () C:\Users\Marian\AppData\Local\recently-used.xbel
2015-03-11 19:24 - 2015-03-11 19:24 - 0007605 _____ () C:\Users\Marian\AppData\Local\Resmon.ResmonCfg
2016-02-03 13:41 - 2016-02-03 13:41 - 0041472 _____ () C:\Users\Marian\AppData\Local\Scot-lax.dat
2016-02-03 13:41 - 2016-02-03 13:41 - 0000187 _____ () C:\Users\Marian\AppData\Local\Scot-lax.exe.config
2016-02-03 13:41 - 2016-02-03 13:41 - 0041472 _____ () C:\Users\Marian\AppData\Local\Techitrax.dat
2016-02-03 13:41 - 2016-02-03 13:41 - 0000187 _____ () C:\Users\Marian\AppData\Local\Techitrax.exe.config

Some files in TEMP:
====================
C:\Users\Marian\AppData\Local\Temp\i4jdel0.exe
C:\Users\Marian\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Marian\AppData\Local\Temp\nsyE2D3.exe
C:\Users\Marian\AppData\Local\Temp\nsz289A.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{7447D064-F23C-424A-A082-646ABF83C439}.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Marian\Desktop" je 148 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Přílohy
Addition.rar
(8.58 KiB) Staženo 32 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Remote Desktop Access VuuPC

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
paragan
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 09 lis 2007 00:12

Re: Remote Desktop Access VuuPC

#3 Příspěvek od paragan »

Prikladám log
# AdwCleaner v5.033 - Logfile created 07/02/2016 at 23:17:58
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Marian - PC
# Running from : C:\Users\Marian\Desktop\adwcleaner_5.033.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater15.4.0

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\REACHit
[-] Folder Deleted : C:\Program Files (x86)\MyPC Backup
[-] Folder Deleted : C:\Program Files (x86)\RayDld
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\Trymedia
[-] Folder Deleted : C:\ProgramData\Avg_Update_1015av
[-] Folder Deleted : C:\ProgramData\Avg_Update_1215avz
[-] Folder Deleted : C:\Users\Marian\AppData\Local\00000000-1454506926-0000-0000-6C626D59D49E
[-] Folder Deleted : C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
[-] Folder Deleted : C:\Users\Marian\AppData\Roaming\HoolappforAndroid
[-] Folder Deleted : C:\Users\Marian\AppData\Roaming\mysites123
[-] Folder Deleted : C:\Users\Marian\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[-] Folder Deleted : C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default\Extensions\deskCutv2@gmail.com
[-] Folder Deleted : C:\Users\Marian\Documents\Flash Player Pro
[-] Folder Deleted : C:\Windows\SysNative\ARFC
[-] Folder Deleted : C:\Windows\SysWOW64\jmdp

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\findit.xml
[-] File Deleted : C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage
[-] File Deleted : C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
[-] File Deleted : C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage
[-] File Deleted : C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage-journal
[-] File Deleted : C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default\invalidprefs.js
[-] File Deleted : C:\Windows\SysNative\dmwu.exe
[-] File Deleted : C:\Windows\SysNative\ImhxxpComm.dll
[-] File Deleted : C:\Windows\SysNative\roboot64.exe

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Hoolapp For Android
[-] Task Deleted : Hoolapp Init
[-] Task Deleted : Scheduled Update for Ask Toolbar

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Stpro.exe
[-] Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[!] Key Not Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKCU\Software\OB
[-] Key Deleted : HKCU\Software\WEDLMNGR
[-] Key Deleted : HKLM\SOFTWARE\downchecker
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
[-] Key Deleted : [x64] HKLM\SOFTWARE\downchecker
[-] Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
[-] Key Deleted : [x64] HKLM\SOFTWARE\WNLT
[-] Key Deleted : HKU\.DEFAULT\Software\IM
[-] Key Deleted : HKU\.DEFAULT\Software\ImInstaller
[-] Key Deleted : HKU\.DEFAULT\Software\WNLT
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch

***** [ Web browsers ] *****

[-] [C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcgnigmofekcllgbiejhmigggmgehkip
[-] [C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jifflliplgeajjdhmkcfnngfpgbjonjg
[-] [C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : oiokahphinmbmakkehgelkmpolmnbkdh

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner[S1].txt - [15213 bytes] - [31/07/2013 22:16:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8417 bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Remote Desktop Access VuuPC

#4 Příspěvek od Rudy »

Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
paragan
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 09 lis 2007 00:12

Re: Remote Desktop Access VuuPC

#5 Příspěvek od paragan »

Prikladám log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by Marian (administrator) on PC (23-02-2016 08:38:11)
Running from C:\Users\Marian\Desktop
Loaded Profiles: Marian (Available Profiles: Marian)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) G:\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\iSkysoft\iTube Studio\BrowserPlugInHelper.exe [401920 2013-07-15] (Wondershare Software)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-05-20] ()
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\MountPoints2: {0830b90c-1ec0-11e2-bd1b-6c626d59d49e} - I:\AUTORUN.EXE
AppInit_DLLs: C:\ProgramData\dlohn\Dentosing.dll => No File
AppInit_DLLs-x32: C:\ProgramData\dlohn\SubTone.dll => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-19]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-07-08]
ShortcutTarget: EvernoteClipper.lnk -> G:\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2015-12-25]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-09-19]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0AA06110-B427-4B45-961F-30F41C1FE078}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuMh5_pHWLaK2UZ_QIRfNyiozGeM_oh_feQZgt34EU0A9m3AYElL5NpHkHQsW86a6baqQxmHHIwHXTzmxNelXgRo-Bds1s2yrouZAM1dBFrDlCWFla8kMRT06btQWCm7TxRC1Gep_GogW0t2oVQYlsq02uJyBdR&q={searchTerms}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> G:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-02-04] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> G:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: iSkysoft iTube Studio -> {0F789748-F853-4734-A187-A096F05306E5} -> C:\Program Files (x86)\iSkysoft\iTube Studio\SVRIEPlugin.dll [2013-07-15] (iSkysoft Software Co., Ltd.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-02-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-03] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> G:\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-02-04] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-03] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - G:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default
FF NewTab: C:\\ProgramData\\dlohn\\ff.NT
FF Homepage: hxxps://www.google.sk/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2013-01-15] (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-05-20] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1321244427-3972337821-2775802884-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-01-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1321244427-3972337821-2775802884-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-05-20] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Block site - C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-05-29]
FF Extension: Evernote Web Clipper - C:\Users\Marian\AppData\Roaming\Mozilla\Firefox\Profiles\7b1lolg1.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-11-24]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [{7F737E3E-993D-43AB-9109-90C4E82752CC}] - C:\Program Files (x86)\iSkysoft\iTube Studio\SVRFirefoxExt
FF Extension: iSkysoft iTube Studio - C:\Program Files (x86)\iSkysoft\iTube Studio\SVRFirefoxExt [2013-07-23] [not signed]
FF HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\Firefox\Extensions: [{7F737E3E-993D-43AB-9109-90C4E82752CC}] - C:\Program Files (x86)\iSkysoft\iTube Studio\SVRFirefoxExt
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-04-10] <==== ATTENTION

Chrome:
=======
CHR HomePage: Default -> about:blank
CHR StartupUrls: Default -> "about:blank"
CHR Profile: C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (iSkysoft iTube Studio) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\afapmikcgbhfkecdhiokcgledjcpfbfd [2013-07-23]
CHR Extension: (Dokumenty Google) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Disk Google) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (YouTube) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (GFACE Experience Plugin) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol [2014-01-18]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2016-02-13]
CHR Extension: (Vimeo™ Download Videos) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\geeljcibkkackafmeepgadbfgmpjmdeg [2013-11-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-23]
CHR Extension: (Beyondpad) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjilocmjkhfhcoelokiomommpihnpep [2015-08-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\Marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR HKLM\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Marian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-11-09]
CHR HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [afapmikcgbhfkecdhiokcgledjcpfbfd] - C:\Program Files (x86)\iSkysoft\iTube Studio\SVRChromePlugin.crx [2013-07-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-04] (Microsoft Corporation)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-09-11] (Ellora Assets Corp.) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-10] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [260528 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-07-30] (AVG Technologies)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-26] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S1 aimfpslb; \??\C:\Windows\system32\drivers\aimfpslb.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 gblftahg; \??\C:\Windows\system32\drivers\gblftahg.sys [X]
S1 ivquwfrm; \??\C:\Windows\system32\drivers\ivquwfrm.sys [X]
S1 kewhvity; \??\C:\Windows\system32\drivers\kewhvity.sys [X]
S3 MSICDSetup; \??\H:\CDriver64.sys [X]
U4 secdrv; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 08:38 - 2016-02-23 08:38 - 00024420 _____ C:\Users\Marian\Desktop\FRST.txt
2016-02-23 08:37 - 2016-02-23 08:37 - 00000000 ____D C:\Users\Marian\Desktop\FRST-OlderVersion
2016-02-22 02:12 - 2016-02-22 12:38 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (8)
2016-02-20 22:35 - 2016-02-20 22:35 - 08128310 _____ C:\Users\Marian\Downloads\Princess Maker 2.zip
2016-02-20 22:34 - 2016-02-20 22:34 - 07977316 _____ C:\Users\Marian\Downloads\princess-maker-2.zip
2016-02-19 23:05 - 2016-02-19 23:05 - 00014674 _____ C:\Users\Marian\Documents\cc_20160219_230510.reg
2016-02-19 22:52 - 2016-02-19 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-02-19 22:17 - 2016-02-19 22:17 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-02-18 23:49 - 2016-02-18 23:49 - 06787138 _____ C:\Users\Marian\Downloads\[Dr._Linda_Edelstein]_Writer's_Guide_to_Character_(Book4You).epub
2016-02-18 23:46 - 2016-02-18 23:46 - 00500455 _____ C:\Users\Marian\Downloads\[Angela_Ackerman,_Becca_Puglisi]_The_Positive_Trai(Book4You).epub
2016-02-18 23:44 - 2016-02-18 23:44 - 00686085 _____ C:\Users\Marian\Downloads\[Angela_Ackerman,_Becca_Puglisi]_The_Negative_Trai(BookZZ.org).epub
2016-02-18 23:44 - 2016-02-18 23:44 - 00282882 _____ C:\Users\Marian\Downloads\[Angela_Ackerman,_Becca_Puglisi]_The_Emotion_Thesa(BookZZ.org).epub
2016-02-18 23:43 - 2016-02-18 23:43 - 03194417 _____ C:\Users\Marian\Downloads\[Jessica_Morrell]_Bullies,_Bastards_And_Bitches_H(BookZZ.org).epub
2016-02-18 23:43 - 2016-02-18 23:43 - 01301603 _____ C:\Users\Marian\Downloads\[Jessica_Morrell]_Between_the_Lines_Master_the_Su(BookZZ.org).pdf
2016-02-18 22:42 - 2016-02-18 22:42 - 01497419 _____ C:\Users\Marian\Downloads\storming-outline-transcript.pdf
2016-02-18 17:44 - 2016-02-19 00:07 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (6)
2016-02-17 18:19 - 2016-02-18 08:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-17 18:17 - 2016-02-17 18:17 - 00004216 _____ C:\Users\Marian\Documents\cc_20160217_181731.reg
2016-02-16 23:44 - 2016-02-17 06:02 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (7)
2016-02-16 01:39 - 2016-02-16 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-16 01:37 - 2016-02-16 01:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-16 01:37 - 2016-02-16 01:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-15 19:42 - 2016-02-15 19:44 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2013
2016-02-15 19:42 - 2016-02-15 19:44 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2013
2016-02-14 20:15 - 2016-02-14 20:15 - 00000000 ____D C:\Users\Marian\AppData\Roaming\NuGet
2016-02-14 19:16 - 2016-02-14 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2016-02-14 19:16 - 2016-02-14 19:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-02-14 19:14 - 2016-02-14 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2016-02-14 19:14 - 2016-02-14 19:14 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits
2016-02-14 19:11 - 2016-02-14 20:35 - 00000000 ____D C:\Users\Marian\Documents\Visual Studio 2013
2016-02-14 19:11 - 2016-02-14 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2016-02-14 19:06 - 2016-02-14 19:06 - 00000000 ____D C:\Program Files (x86)\AppInsights
2016-02-14 19:02 - 2016-02-14 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2016-02-14 19:00 - 2016-02-14 19:00 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-02-14 19:00 - 2016-02-14 19:00 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-02-14 18:56 - 2016-02-14 19:07 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2016-02-14 18:56 - 2016-02-14 18:56 - 00000000 ____D C:\Program Files\Application Verifier
2016-02-14 18:56 - 2016-02-14 18:56 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2016-02-14 18:53 - 2016-02-14 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-02-14 18:48 - 2016-02-14 18:48 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2016-02-14 18:45 - 2016-02-14 18:47 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-02-14 18:44 - 2016-02-14 18:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2016-02-14 18:43 - 2016-02-14 19:07 - 00000000 ____D C:\Program Files\IIS Express
2016-02-14 18:43 - 2016-02-14 19:07 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-02-14 18:43 - 2016-02-14 18:43 - 00000000 ____D C:\ProgramData\NuGet
2016-02-14 18:43 - 2016-02-14 18:43 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-02-14 18:43 - 2016-02-14 18:43 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2016-02-14 18:42 - 2016-02-14 18:42 - 00000000 ____D C:\Program Files\IIS
2016-02-14 18:42 - 2016-02-14 18:42 - 00000000 ____D C:\Program Files (x86)\IIS
2016-02-14 18:41 - 2016-02-14 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2016-02-14 18:35 - 2016-02-14 18:39 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-02-14 18:35 - 2016-02-14 18:35 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-02-14 18:35 - 2016-02-14 18:35 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2016-02-14 18:34 - 2016-02-14 18:34 - 00000000 ____D C:\Windows\symbols
2016-02-14 18:34 - 2016-02-14 18:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-02-14 18:29 - 2016-02-14 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2016-02-14 18:29 - 2016-02-14 18:39 - 00000000 ____D C:\Windows\SysWOW64\1033
2016-02-14 18:14 - 2016-02-14 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-02-14 18:14 - 2016-02-14 18:30 - 00000000 ____D C:\Windows\system32\1033
2016-02-14 18:14 - 2016-02-14 18:14 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2016-02-14 17:57 - 2016-02-15 19:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-14 11:23 - 2016-02-14 11:23 - 00000000 _____ C:\Users\Marian\Desktop\mangatokyi.txt
2016-02-13 22:12 - 2016-02-13 22:12 - 00000000 _____ C:\Users\Marian\Desktop\STEPHIE MUSSO.txt
2016-02-13 18:40 - 2016-02-13 21:50 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok
2016-02-13 13:00 - 2016-02-13 13:00 - 00000000 _____ C:\Users\Marian\Desktop\immortels.txt
2016-02-13 11:47 - 2016-02-22 21:35 - 00000000 ____D C:\Users\Marian\Downloads\Nový priečinok (2)
2016-02-10 22:07 - 2016-02-10 22:07 - 00009696 _____ C:\Users\Marian\Documents\cc_20160210_220705.reg
2016-02-10 22:02 - 2016-02-10 22:02 - 00000000 _____ C:\Users\Marian\Desktop\p9-4min.txt
2016-02-10 22:02 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 22:02 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 22:02 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 22:02 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 22:02 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 22:02 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 22:02 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-10 22:02 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 22:02 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-10 22:02 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-10 22:02 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 22:02 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 22:02 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 22:02 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 22:02 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 22:02 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 22:02 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 22:02 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 22:02 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 22:02 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 22:02 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 22:02 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 22:02 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 22:02 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-10 22:01 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 22:01 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-10 22:01 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 22:01 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 22:01 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 22:01 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 22:01 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 22:01 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 22:01 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 22:01 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 22:01 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 22:01 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 22:01 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 22:01 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 22:01 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 22:01 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 22:01 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 22:01 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 22:01 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 22:01 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 22:01 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-10 22:01 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 22:01 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-10 22:01 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-10 22:01 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-10 22:01 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 22:01 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-10 22:01 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-10 22:01 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-10 22:01 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-10 22:01 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-10 22:01 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 22:01 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 22:01 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 22:01 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 22:01 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 22:01 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-10 22:01 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-10 22:01 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-10 22:01 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-10 22:01 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 22:01 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-10 22:01 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-10 22:01 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-10 22:01 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 22:01 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-10 22:01 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-10 22:01 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-10 22:01 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-10 22:01 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 22:01 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 22:01 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-10 22:00 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 22:00 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 22:00 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 22:00 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 22:00 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 22:00 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-10 22:00 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 22:00 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 22:00 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 22:00 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 22:00 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 22:00 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 22:00 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 22:00 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-10 22:00 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-10 22:00 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-10 22:00 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-10 22:00 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 22:00 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 21:59 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 21:59 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 21:59 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 21:59 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 21:59 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-10 21:59 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 21:59 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 21:59 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 21:59 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 21:59 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 21:59 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-10 21:59 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 21:59 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 21:59 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 21:59 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 21:59 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 21:59 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 21:59 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 21:59 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 21:59 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 21:59 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-10 21:59 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-10 21:59 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 21:59 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 21:59 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 21:59 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 21:59 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 21:59 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 21:59 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-10 21:59 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-10 21:59 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-10 21:59 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-10 21:59 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 21:59 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-10 21:59 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-10 21:59 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-10 21:59 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 21:59 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 21:59 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 21:59 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-10 21:59 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 21:59 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-10 21:59 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 21:59 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 21:59 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 21:59 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-10 21:59 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 21:59 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 21:59 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 21:59 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 21:59 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 21:59 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 21:59 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 21:59 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 21:59 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 21:59 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 21:59 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-10 21:59 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 21:59 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 21:59 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 21:58 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 21:58 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 21:58 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 21:58 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 21:58 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-10 21:58 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-10 21:58 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 21:58 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-09 15:19 - 2016-02-09 17:53 - 00000000 ____D C:\Users\Marian\Desktop\Kouzelné holky
2016-02-09 15:08 - 2016-02-09 15:13 - 00000000 ____D C:\Users\Marian\Downloads\Bearmageddon
2016-02-07 21:40 - 2016-02-07 21:40 - 00015327 _____ C:\Users\Marian\Desktop\LM.bat
2016-02-07 21:35 - 2016-02-23 08:38 - 00000000 ____D C:\FRST
2016-02-07 21:31 - 2016-02-23 08:37 - 02371072 _____ (Farbar) C:\Users\Marian\Desktop\FRST64.exe
2016-02-07 21:15 - 2016-02-07 23:17 - 00000000 ____D C:\AdwCleaner
2016-02-07 21:15 - 2016-02-07 21:15 - 01508352 _____ C:\Users\Marian\Desktop\adwcleaner_5.033.exe
2016-02-03 18:34 - 2016-02-03 18:34 - 00036788 _____ C:\Users\Marian\Documents\cc_20160203_183429.reg
2016-02-03 13:41 - 2016-02-03 13:41 - 00041472 _____ C:\Users\Marian\AppData\Local\Techitrax.dat
2016-02-03 13:41 - 2016-02-03 13:41 - 00041472 _____ C:\Users\Marian\AppData\Local\Scot-lax.dat
2016-02-03 13:41 - 2016-02-03 13:41 - 00000187 _____ C:\Users\Marian\AppData\Local\Techitrax.exe.config
2016-02-03 13:41 - 2016-02-03 13:41 - 00000187 _____ C:\Users\Marian\AppData\Local\Scot-lax.exe.config
2016-02-03 13:41 - 2016-02-03 13:39 - 00001003 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-02-03 13:40 - 2016-02-23 04:41 - 00000000 ____D C:\Program Files (x86)\00000000-1454503245-0000-0000-6C626D59D49E
2016-02-03 13:37 - 2016-02-03 14:23 - 00000000 ____D C:\Program Files (x86)\KMSPico
2016-02-03 12:58 - 2016-02-11 00:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-02-03 12:57 - 2016-02-14 19:24 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-02-03 12:57 - 2016-02-14 19:23 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-02-03 12:57 - 2016-02-03 12:57 - 00000000 ____D C:\Windows\PCHEALTH
2016-02-03 12:54 - 2016-02-03 12:54 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-02-03 12:54 - 2016-02-03 12:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-03 12:54 - 2016-02-03 12:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-02-01 18:18 - 2016-02-01 18:18 - 00000000 ____D C:\Users\Marian\Documents\risk
2016-01-31 12:20 - 2016-01-31 12:20 - 00000000 _____ C:\Users\Marian\Desktop\ako sa pripravit na lod fight.txt
2016-01-26 11:04 - 2016-02-14 21:16 - 00000000 _____ C:\Users\Marian\Desktop\darkes dungeon.txt
2016-01-26 09:31 - 2016-01-26 10:29 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (5)
2016-01-25 23:52 - 2016-01-26 00:31 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (4)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 08:33 - 2012-11-10 00:25 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-23 08:22 - 2009-07-14 05:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-23 08:22 - 2009-07-14 05:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-23 08:10 - 2012-10-17 19:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-23 07:59 - 2013-05-20 20:52 - 00000000 ____D C:\Users\Marian\AppData\Local\PMB Files
2016-02-23 07:28 - 2012-11-10 00:27 - 00000000 ___RD C:\Users\Marian\Disk Google
2016-02-23 07:27 - 2013-05-31 21:09 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2016-02-23 07:27 - 2012-11-10 00:25 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-23 07:27 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-23 04:40 - 2012-10-17 20:45 - 00000000 ____D C:\Users\Marian\AppData\Roaming\vlc
2016-02-23 00:04 - 2012-10-17 19:51 - 00000000 ____D C:\ProgramData\MFAData
2016-02-21 01:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-21 00:49 - 2014-09-03 19:41 - 00000000 ____D C:\Users\Marian\AppData\Roaming\Azureus
2016-02-19 22:52 - 2015-11-06 20:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-02-19 22:52 - 2012-10-17 19:42 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-02-19 22:36 - 2013-06-22 09:34 - 00002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 22:36 - 2013-06-22 09:34 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 22:18 - 2015-03-02 22:26 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-19 22:17 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-02-19 22:16 - 2015-03-02 22:23 - 00000000 ____D C:\Program Files\Microsoft Office
2016-02-18 20:41 - 2013-06-05 20:19 - 00000000 ____D C:\Users\Marian\Documents\Knižnica Calibre
2016-02-18 08:52 - 2012-10-17 19:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-18 01:05 - 2015-08-28 19:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-16 23:02 - 2012-12-26 00:30 - 00000000 ____D C:\Users\Marian\AppData\Local\Paint.NET
2016-02-15 18:46 - 2009-07-14 05:45 - 00537664 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-14 19:26 - 2012-10-15 17:15 - 00134616 _____ C:\Users\Marian\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-14 18:14 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-14 15:25 - 2016-01-20 22:01 - 00000000 ____D C:\Users\Marian\Desktop\Nový priečinok (2)
2016-02-13 11:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-11 21:42 - 2015-11-04 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-11 21:41 - 2009-07-14 06:13 - 00795754 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-11 21:30 - 2014-12-10 11:53 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 21:30 - 2014-05-07 02:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 21:30 - 2011-04-12 14:41 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-11 00:45 - 2009-07-14 03:34 - 00000489 _____ C:\Windows\win.ini
2016-02-10 22:10 - 2012-10-17 19:42 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 22:10 - 2012-10-17 19:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-10 22:10 - 2012-10-17 19:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 09:28 - 2012-11-10 00:25 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-10 09:28 - 2012-11-10 00:25 - 00003680 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-06 21:41 - 2013-06-21 10:43 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-06 20:56 - 2013-06-21 10:43 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-06 20:56 - 2012-10-15 16:26 - 00001441 _____ C:\Users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-03 14:37 - 2012-10-26 19:27 - 00000000 ____D C:\Users\Marian\AppData\Roaming\DAEMON Tools Lite
2016-02-03 14:13 - 2015-11-17 10:45 - 00000000 ____D C:\Users\Marian\AppData\Local\Avg
2016-02-03 13:52 - 2014-02-26 17:09 - 00000000 ____D C:\ProgramData\Oracle
2016-02-03 13:50 - 2015-11-14 16:23 - 00000000 ____D C:\Users\Marian\.oracle_jre_usage
2016-02-03 13:50 - 2014-10-18 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-03 13:50 - 2012-11-09 23:58 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-03 13:49 - 2014-10-18 07:59 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-03 12:58 - 2011-04-12 14:41 - 00000000 ____D C:\Windows\ShellNew
2016-02-03 12:55 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-01-31 10:29 - 2013-03-17 23:13 - 00001250 _____ C:\Users\Marian\Desktop\4K Video Downloader.lnk
2016-01-31 10:29 - 2013-03-17 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-01-30 17:23 - 2014-11-08 16:30 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-01-30 17:23 - 2014-11-08 16:30 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-01-30 17:23 - 2014-11-08 16:30 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-01-30 17:23 - 2014-11-08 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

==================== Files in the root of some directories =======

2013-05-21 15:30 - 2013-07-30 19:38 - 0003715 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-01-06 21:05 - 2014-01-06 21:05 - 0005632 _____ () C:\Users\Marian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-29 19:45 - 2012-12-29 19:45 - 0000094 _____ () C:\Users\Marian\AppData\Local\fusioncache.dat
2015-11-21 22:21 - 2015-11-21 22:21 - 0000758 _____ () C:\Users\Marian\AppData\Local\recently-used.xbel
2015-03-11 19:24 - 2015-03-11 19:24 - 0007605 _____ () C:\Users\Marian\AppData\Local\Resmon.ResmonCfg
2016-02-03 13:41 - 2016-02-03 13:41 - 0041472 _____ () C:\Users\Marian\AppData\Local\Scot-lax.dat
2016-02-03 13:41 - 2016-02-03 13:41 - 0000187 _____ () C:\Users\Marian\AppData\Local\Scot-lax.exe.config
2016-02-03 13:41 - 2016-02-03 13:41 - 0041472 _____ () C:\Users\Marian\AppData\Local\Techitrax.dat
2016-02-03 13:41 - 2016-02-03 13:41 - 0000187 _____ () C:\Users\Marian\AppData\Local\Techitrax.exe.config

Some files in TEMP:
====================
C:\Users\Marian\AppData\Local\Temp\i4jdel0.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-18 09:22

==================== End of FRST.txt ============================
Přílohy
Addition.rar
(16.86 KiB) Staženo 29 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Remote Desktop Access VuuPC

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\MountPoints2: {0830b90c-1ec0-11e2-bd1b-6c626d59d49e} - I:\AUTORUN.EXE
AppInit_DLLs: C:\ProgramData\dlohn\Dentosing.dll => No File
AppInit_DLLs-x32: C:\ProgramData\dlohn\SubTone.dll => No File
C:\Program Files\McAfee Security Scan
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (No File)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... 2uJyBdR&q={searchTerms}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-04-10] <==== ATTENTION
S1 aimfpslb; \??\C:\Windows\system32\drivers\aimfpslb.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 gblftahg; \??\C:\Windows\system32\drivers\gblftahg.sys [X]
S1 ivquwfrm; \??\C:\Windows\system32\drivers\ivquwfrm.sys [X]
S1 kewhvity; \??\C:\Windows\system32\drivers\kewhvity.sys [X]
S3 MSICDSetup; \??\H:\CDriver64.sys [X]
U4 secdrv; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Marian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Marian\AppData\Local\Temp
神採りアルケミーマイスター (x32 Version: 1.00.0006 - Eushully) Hidden
神採りアルケミーマイスター Append01 (x32 Version: 1.00.0004 - Eushully) Hidden
神採りアルケミーマイスター Append02 (x32 Version: 1.00.0003 - Eushully) Hidden
神採りアルケミーマイスター Ver2.00 Update (x32 Version: 2.00.0019 - Eushully) Hidden
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{7447D064-F23C-424A-A082-646ABF83C439}.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
AlternateDataStreams: C:\ProgramData\TEMP:6C7EBDC3

ResetHosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
paragan
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 09 lis 2007 00:12

Re: Remote Desktop Access VuuPC

#7 Příspěvek od paragan »

Prikladám
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Marian (2016-03-10 22:04:44) Run:1
Running from C:\Users\Marian\Desktop
Loaded Profiles: Marian (Available Profiles: Marian)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\...\MountPoints2: {0830b90c-1ec0-11e2-bd1b-6c626d59d49e} - I:\AUTORUN.EXE
AppInit_DLLs: C:\ProgramData\dlohn\Dentosing.dll => No File
AppInit_DLLs-x32: C:\ProgramData\dlohn\SubTone.dll => No File
C:\Program Files\McAfee Security Scan
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (No File)
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... 2uJyBdR&q={searchTerms}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-04-10] <==== ATTENTION
S1 aimfpslb; \??\C:\Windows\system32\drivers\aimfpslb.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 gblftahg; \??\C:\Windows\system32\drivers\gblftahg.sys [X]
S1 ivquwfrm; \??\C:\Windows\system32\drivers\ivquwfrm.sys [X]
S1 kewhvity; \??\C:\Windows\system32\drivers\kewhvity.sys [X]
S3 MSICDSetup; \??\H:\CDriver64.sys [X]
U4 secdrv; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Marian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Marian\AppData\Local\Temp
神採りアルケミーマイスター (x32 Version: 1.00.0006 - Eushully) Hidden
神採りアルケミーマイスター Append01 (x32 Version: 1.00.0004 - Eushully) Hidden
神採りアルケミーマイスター Append02 (x32 Version: 1.00.0003 - Eushully) Hidden
神採りアルケミーマイスター Ver2.00 Update (x32 Version: 2.00.0019 - Eushully) Hidden
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{7447D064-F23C-424A-A082-646ABF83C439}.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
AlternateDataStreams: C:\ProgramData\TEMP:6C7EBDC3

ResetHosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I" => key removed successfully
"HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0830b90c-1ec0-11e2-bd1b-6c626d59d49e}" => key removed successfully
HKCR\CLSID\{0830b90c-1ec0-11e2-bd1b-6c626d59d49e} => key not found.
"C:\ProgramData\dlohn\Dentosing.dll" => Value data removed successfully.
"C:\ProgramData\dlohn\SubTone.dll" => Value data removed successfully.

"C:\Program Files\McAfee Security Scan" folder move:

Could not move "C:\Program Files\McAfee Security Scan" => Scheduled to move on reboot.

C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe => moved successfully
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe => not found.
HKU\S-1-5-21-1321244427-3972337821-2775802884-1000\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
HKLM\Software\Mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} => value removed successfully
C:\Program Files (x86)\mozilla firefox\firefox.cfg => moved successfully
aimfpslb => service removed successfully
EagleX64 => service removed successfully
gblftahg => service removed successfully
ivquwfrm => service removed successfully
kewhvity => service removed successfully
MSICDSetup => service removed successfully
secdrv => service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Marian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\Marian\AppData\Local\Temp" folder move:

Could not move "C:\Users\Marian\AppData\Local\Temp" => Scheduled to move on reboot.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{41810510-3CE0-425B-BE07-B9793731737F}\\SystemComponent => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EFE563B0-DDDB-45AF-B49A-C109C93E5F35}\\SystemComponent => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19B5CAAF-3E36-40F4-83F2-45E0D258000C}\\SystemComponent => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C7B5C8A0-CE3F-4645-A0B6-B5515794076D}\\SystemComponent => value removed successfully
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => moved successfully
C:\ProgramData => ":$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM" ADS removed successfully.
"C:\Users\All Users" => ":$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM" ADS not found.
"C:\ProgramData\Application Data" => ":$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM" ADS not found.
C:\ProgramData\TEMP => ":6C7EBDC3" ADS removed successfully.
ResetHosts: => Error: No automatic fix found for this entry.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-10 22:08:19)

C:\Program Files\McAfee Security Scan => moved successfully
C:\Users\Marian\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:08:20 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Remote Desktop Access VuuPC

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
paragan
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 09 lis 2007 00:12

Re: Remote Desktop Access VuuPC

#9 Příspěvek od paragan »

Ďakujem krásne, vyzerá to všetko v poriadku.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Remote Desktop Access VuuPC

#10 Příspěvek od Rudy »

To jsem rád. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“